DoW (DoD) 8140/8570 US Government Certification Path
The DoD 8140 (specifically the DoDM 8140.03 manual) has replaced the older DoD 8570 framework. While 8570 categorized certifications into broad “Levels” (IAT I/II/III), 8140 utilizes the DoD Cyberspace Workforce Framework (DCWF), which maps certifications to 72 specific work roles categorized into three proficiency levels: Basic, Intermediate, and Advanced
The DOD 8140 refers to a U.S. Department of Defense directive that sets cybersecurity workforce requirements.
What it is? DoD Directive 8140 (DoDD 8140.01) establishes policies for managing and qualifying personnel who perform cybersecurity and IT-related roles across the Department of Defense.
Key points
Replaced DoD 8570 (older certification framework)
Covers a broader cyber workforce, not just IT security
Defines work roles using the DoD Cyber Workforce Framework (DCWF)
Focuses on:
Training
Certification
Qualification standards
Workforce management
What changed from 8570?
Moves from rigid certification lists → role-based qualification system
Includes more roles (offensive, defensive, intelligence, etc.)
Allows multiple ways to qualify (not just one cert)
Who it affects?
Military personnel
Civilian DoD employees
Contractors working in cybersecurity or IT roles for DoD
Why it matters?
If you’re working (or planning to work) in DoD IT/cyber:
You must meet specific role requirements
Certifications like Security+, CISSP, CEH, etc. may still be required—but tied to your role rather than a blanket category
Under DoD 8140, cyber positions are organized into workforce categories and specialty areas using the DoD Cyber Workforce Framework (DCWF).
The framework aligns closely with the National Institute of Standards and Technology NICE Cybersecurity Workforce Framework.
How DoD 8140 Works
Instead of saying: “Everyone needs Security+”
8140 says:
“Your specific role requires certain knowledge, skills, abilities, training, and certifications.”
That means:
Two cybersecurity workers may need completely different qualifications.
Experience and training can sometimes substitute for certifications.
Roles are mapped to:
Tasks
Knowledge
Skills
Abilities (KSAs)
Common Entry-Level Paths
| Career Goal | Common Starting Certifications |
|---|---|
| Help Desk / IT Support | A+, Network+ |
| System Administration | Security+, Microsoft, Linux+ |
| SOC Analyst | Security+, CySA+ |
| Penetration Testing | Security+, PNPT, OSCP |
| Cyber Management | Security+, CISSP |
| Digital Forensics | Security+, CHFI |
Most Common DoD Roles for Beginners
These are frequently seen in government contractor and military support positions:
Help Desk Technician
System Administrator
Network Administrator
Information Assurance Technician (IAT)
SOC Analyst
RMF Support Analyst
The most common baseline cert is still:
CompTIA Security+, because it often satisfies foundational requirements for many entry-level DoD cyber positions.
Major DoD 8140 Cyber Workforce Areas
1. Securely Provision (SP)
People who design, build, and develop systems securely.
Common Roles
Cybersecurity Engineer
Software Developer
Systems Architect
Cloud Security Engineer
Security Control Assessor
Typical Skills
Secure coding
System architecture
Risk management
Cloud security
DevSecOps
Common Certifications
Security+
CISSP
CASP+
AWS Security Specialty
GIAC certifications
2. Operate and Maintain (OM)
Personnel who run and maintain IT/cyber systems.
Common Roles
System Administrator
Network Administrator
Help Desk Technician
Database Administrator
Enterprise IT Support
Typical Skills
Windows/Linux administration
Networking
Troubleshooting
Patch management
Active Directory
Common Certifications
CompTIA A+
Network+
Security+
Microsoft certifications
Linux+
3. Oversee and Govern (OV)
Leadership, policy, compliance, and management positions.
Common Roles
ISSM (Information Systems Security Manager)
Cybersecurity Program Manager
Compliance Officer
Risk Management Framework (RMF) Analyst
IT Project Manager
Typical Skills
Governance
Policy development
Risk analysis
Auditing
Leadership
Common Certifications
CISSP
CISM
CGRC (formerly CAP)
PMP
Security+
4. Protect and Defend (PR)
Defensive cybersecurity operations.
Common Roles
SOC Analyst
Incident Responder
Cyber Defense Analyst
Threat Hunter
Blue Team Operator
Typical Skills
SIEM tools
Log analysis
Threat detection
Malware analysis
Incident response
Common Certifications
CySA+
Security+
GCIH
GCIA
CEH
5. Analyze (AN)
Cyber intelligence and threat analysis.
Common Roles
Cyber Threat Intelligence Analyst
Malware Analyst
Intelligence Analyst
Fusion Analyst
Typical Skills
Intelligence collection
Threat actor analysis
OSINT
Malware reverse engineering
Reporting
Common Certifications
GCTI
CEH
Security+
Intel-focused GIAC certifications
6. Collect and Operate (CO)
Offensive cyber operations and collection activities.
Common Roles
Cyber Operator
Exploitation Analyst
Red Team Operator
Cyber Collection Specialist
Typical Skills
Penetration testing
Exploitation
Advanced networking
Offensive tooling
Adversary emulation
Common Certifications
OSCP
PNPT
CEH
GPEN
GXPN
7. Investigate (IN)
Digital forensics and cybercrime investigations.
Common Roles
Digital Forensic Examiner
Cyber Crime Investigator
Law Enforcement Cyber Specialist
Typical Skills
Evidence collection
Disk/memory forensics
Chain of custody
Legal procedures
Common Certifications
CHFI
GCFA
EnCE
8. Cyberspace Effects (CE)
Military-focused offensive and defensive cyber mission roles.
Common Roles
Cyber Warfare Operator
Cyber Mission Force Operator
Tactical Cyber Specialist
Typical Skills
Cyber operations
Mission planning
Tactical operations
Joint operations support
Common Certifications
Often role-specific and government-directed rather than commercial-only certifications.